let A be preIfWhileAlgebra; :: thesis: for S being non empty set
for T being Subset of S
for s being Element of S
for f being ExecutionFunction of A,S,T
for P being set
for C, I being Element of A st C is_terminating_wrt f & I is_terminating_wrt f,P & P is_invariant_wrt C,f & ( for s being Element of S st s in P & f . ((f . (s,I)),C) in T holds
f . (s,I) in P ) & f iteration_terminates_for I \; C,f . (s,C) & s in P holds
[s,(while (C,I))] in TerminatingPrograms (A,S,T,f)
let S be non empty set ; :: thesis: for T being Subset of S
for s being Element of S
for f being ExecutionFunction of A,S,T
for P being set
for C, I being Element of A st C is_terminating_wrt f & I is_terminating_wrt f,P & P is_invariant_wrt C,f & ( for s being Element of S st s in P & f . ((f . (s,I)),C) in T holds
f . (s,I) in P ) & f iteration_terminates_for I \; C,f . (s,C) & s in P holds
[s,(while (C,I))] in TerminatingPrograms (A,S,T,f)
let T be Subset of S; :: thesis: for s being Element of S
for f being ExecutionFunction of A,S,T
for P being set
for C, I being Element of A st C is_terminating_wrt f & I is_terminating_wrt f,P & P is_invariant_wrt C,f & ( for s being Element of S st s in P & f . ((f . (s,I)),C) in T holds
f . (s,I) in P ) & f iteration_terminates_for I \; C,f . (s,C) & s in P holds
[s,(while (C,I))] in TerminatingPrograms (A,S,T,f)
let s be Element of S; :: thesis: for f being ExecutionFunction of A,S,T
for P being set
for C, I being Element of A st C is_terminating_wrt f & I is_terminating_wrt f,P & P is_invariant_wrt C,f & ( for s being Element of S st s in P & f . ((f . (s,I)),C) in T holds
f . (s,I) in P ) & f iteration_terminates_for I \; C,f . (s,C) & s in P holds
[s,(while (C,I))] in TerminatingPrograms (A,S,T,f)
let f be ExecutionFunction of A,S,T; :: thesis: for P being set
for C, I being Element of A st C is_terminating_wrt f & I is_terminating_wrt f,P & P is_invariant_wrt C,f & ( for s being Element of S st s in P & f . ((f . (s,I)),C) in T holds
f . (s,I) in P ) & f iteration_terminates_for I \; C,f . (s,C) & s in P holds
[s,(while (C,I))] in TerminatingPrograms (A,S,T,f)
let P be set ; :: thesis: for C, I being Element of A st C is_terminating_wrt f & I is_terminating_wrt f,P & P is_invariant_wrt C,f & ( for s being Element of S st s in P & f . ((f . (s,I)),C) in T holds
f . (s,I) in P ) & f iteration_terminates_for I \; C,f . (s,C) & s in P holds
[s,(while (C,I))] in TerminatingPrograms (A,S,T,f)
let C, I be Element of A; :: thesis: ( C is_terminating_wrt f & I is_terminating_wrt f,P & P is_invariant_wrt C,f & ( for s being Element of S st s in P & f . ((f . (s,I)),C) in T holds
f . (s,I) in P ) & f iteration_terminates_for I \; C,f . (s,C) & s in P implies [s,(while (C,I))] in TerminatingPrograms (A,S,T,f) )
assume that
A1: C is_terminating_wrt f and
A2: I is_terminating_wrt f,P and
A3: P is_invariant_wrt C,f and
A4: for s being Element of S st s in P & f . ((f . (s,I)),C) in T holds
f . (s,I) in P ; :: thesis: ( not f iteration_terminates_for I \; C,f . (s,C) or not s in P or [s,(while (C,I))] in TerminatingPrograms (A,S,T,f) )
given r being non empty FinSequence of S such that A5: r . 1 = f . (s,C) and
A6: r . (len r) nin T and
A7: for i being Nat st 1 <= i & i < len r holds
( r . i in T & r . (i + 1) = f . ((r . i),(I \; C)) ) ; :: according to AOFA_000:def 33 :: thesis: ( not s in P or [s,(while (C,I))] in TerminatingPrograms (A,S,T,f) )
assume A8: s in P ; :: thesis: [s,(while (C,I))] in TerminatingPrograms (A,S,T,f)
defpred S₁[ Nat] means ( $1 + 1 < len r implies r . ($1 + 1) in P );
A9: S₁[ 0 ] by A3, A5, A8;
A10: for i being Nat st S₁[i] holds
S₁[i + 1] A19: for i being Nat holds S₁[i] from NAT_1:sch 2(A9, A10);
[s,C] in TerminatingPrograms (A,S,T,f) by A1;
hence [s,(while (C,I))] in TerminatingPrograms (A,S,T,f) by A5, A6, A20, Def35; :: thesis: verum